diff options
-rw-r--r-- | source3/libsmb/cliconnect.c | 115 | ||||
-rw-r--r-- | source3/libsmb/clientgen.c | 104 |
2 files changed, 101 insertions, 118 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index 428167ebfa..9ff4854998 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -50,14 +50,12 @@ static BOOL cli_session_setup_lanman2(struct cli_state *cli, char *user, fstring pword; char *p; - if (passlen > sizeof(pword)-1) { + if (passlen > sizeof(pword)-1) return False; - } /* if in share level security then don't send a password now */ - if (!(cli->sec_mode & NEGOTIATE_SECURITY_USER_LEVEL)) { + if (!(cli->sec_mode & NEGOTIATE_SECURITY_USER_LEVEL)) passlen = 0; - } if (passlen > 0 && (cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) && passlen != 24) { /* Encrypted mode needed, and non encrypted password supplied. */ @@ -99,9 +97,8 @@ static BOOL cli_session_setup_lanman2(struct cli_state *cli, char *user, show_msg(cli->inbuf); - if (cli_is_error(cli)) { + if (cli_is_error(cli)) return False; - } /* use the returned vuid from now on */ cli->vuid = SVAL(cli->inbuf,smb_uid); @@ -118,17 +115,14 @@ static uint32 cli_session_setup_capabilities(struct cli_state *cli) { uint32 capabilities = CAP_NT_SMBS; - if (!cli->force_dos_errors) { + if (!cli->force_dos_errors) capabilities |= CAP_STATUS32; - } - if (cli->use_level_II_oplocks) { + if (cli->use_level_II_oplocks) capabilities |= CAP_LEVEL_II_OPLOCKS; - } - if (cli->capabilities & CAP_UNICODE) { + if (cli->capabilities & CAP_UNICODE) capabilities |= CAP_UNICODE; - } return capabilities; } @@ -167,9 +161,8 @@ static BOOL cli_session_setup_guest(struct cli_state *cli) show_msg(cli->inbuf); - if (cli_is_error(cli)) { + if (cli_is_error(cli)) return False; - } cli->vuid = SVAL(cli->inbuf,smb_uid); @@ -223,9 +216,8 @@ static BOOL cli_session_setup_plaintext(struct cli_state *cli, char *user, show_msg(cli->inbuf); - if (cli_is_error(cli)) { + if (cli_is_error(cli)) return False; - } cli->vuid = SVAL(cli->inbuf,smb_uid); p = smb_buf(cli->inbuf); @@ -259,20 +251,19 @@ static void set_signing_on_cli (struct cli_state *cli, char* pass, uint8 respons static void set_temp_signing_on_cli(struct cli_state *cli) { - if (cli->sign_info.negotiated_smb_signing) { + if (cli->sign_info.negotiated_smb_signing) cli->sign_info.temp_smb_signing = True; - } } -/** +/**************************************************************************** do a NT1 NTLM/LM encrypted session setup @param cli client state to create do session setup on @param user username @param pass *either* cleartext password (passlen !=24) or LM response. @param ntpass NT response, implies ntpasslen >=24, implies pass is not clear @param workgroup The user's domain. -*/ +****************************************************************************/ static BOOL cli_session_setup_nt1(struct cli_state *cli, char *user, char *pass, int passlen, @@ -285,9 +276,8 @@ static BOOL cli_session_setup_nt1(struct cli_state *cli, char *user, char *p; BOOL have_plaintext = False; - if (passlen > sizeof(pword) || ntpasslen > sizeof(ntpword)) { + if (passlen > sizeof(pword) || ntpasslen > sizeof(ntpword)) return False; - } if (passlen != 24) { /* non encrypted password supplied. Ignore ntpass. */ @@ -303,11 +293,10 @@ static BOOL cli_session_setup_nt1(struct cli_state *cli, char *user, security=server, can't do signing becouse we don't have oringial key */ memcpy(pword, pass, 24); - if (ntpasslen == 24) { + if (ntpasslen == 24) memcpy(ntpword, ntpass, 24); - } else { + else ZERO_STRUCT(ntpword); - } } /* send a session setup command */ @@ -334,19 +323,16 @@ static BOOL cli_session_setup_nt1(struct cli_state *cli, char *user, p += clistr_push(cli, p, "Samba", -1, STR_TERMINATE); cli_setup_bcc(cli, p); - if (!cli_send_smb(cli)) { + if (!cli_send_smb(cli)) return False; - } - if (!cli_receive_smb(cli)) { + if (!cli_receive_smb(cli)) return False; - } show_msg(cli->inbuf); - if (cli_is_error(cli)) { + if (cli_is_error(cli)) return False; - } /* use the returned vuid from now on */ cli->vuid = SVAL(cli->inbuf,smb_uid); @@ -433,7 +419,6 @@ static DATA_BLOB cli_session_setup_blob(struct cli_state *cli, DATA_BLOB blob) return blob2; } - #ifdef HAVE_KRB5 /**************************************************************************** Do a spnego/kerberos encrypted session setup. @@ -472,7 +457,6 @@ static BOOL cli_session_setup_kerberos(struct cli_state *cli, char *principal, c static BOOL cli_session_setup_ntlmssp(struct cli_state *cli, char *user, char *pass, char *workgroup) { - const char *mechs[] = {OID_NTLMSSP, NULL}; DATA_BLOB msg1, struct_blob; DATA_BLOB blob, chal1, chal2, auth; uint8 challenge[8]; @@ -506,9 +490,8 @@ static BOOL cli_session_setup_ntlmssp(struct cli_state *cli, char *user, data_blob_free(&msg1); - if (!NT_STATUS_EQUAL(cli_nt_error(cli), NT_STATUS_MORE_PROCESSING_REQUIRED)) { + if (!NT_STATUS_EQUAL(cli_nt_error(cli), NT_STATUS_MORE_PROCESSING_REQUIRED)) return False; - } #if 0 file_save("chal.dat", blob.data, blob.length); @@ -541,9 +524,9 @@ static BOOL cli_session_setup_ntlmssp(struct cli_state *cli, char *user, } if (ntlmssp_command != NTLMSSP_CHALLENGE) { - DEBUG(0, ("NTLMSSP Response != NTLMSSP_CHALLENGE. Got %0X\n", - ntlmssp_command)); - return False; + DEBUG(0, ("NTLMSSP Response != NTLMSSP_CHALLENGE. Got %0X\n", + ntlmssp_command)); + return False; } @@ -584,9 +567,8 @@ static BOOL cli_session_setup_ntlmssp(struct cli_state *cli, char *user, data_blob_free(&auth); data_blob_free(&blob); - if (cli_is_error(cli)) { + if (cli_is_error(cli)) return False; - } set_signing_on_cli(cli, pass, nthash); @@ -687,38 +669,38 @@ BOOL cli_session_setup(struct cli_state *cli, flow a bit easier to understand (tridge) */ /* if its an older server then we have to use the older request format */ - if (cli->protocol < PROTOCOL_NT1) { + + if (cli->protocol < PROTOCOL_NT1) return cli_session_setup_lanman2(cli, user, pass, passlen, workgroup); - } /* if no user is supplied then we have to do an anonymous connection. passwords are ignored */ - if (!user || !*user) { + + if (!user || !*user) return cli_session_setup_guest(cli); - } /* if the server is share level then send a plaintext null password at this point. The password is sent in the tree connect */ - if ((cli->sec_mode & NEGOTIATE_SECURITY_USER_LEVEL) == 0) { + + if ((cli->sec_mode & NEGOTIATE_SECURITY_USER_LEVEL) == 0) return cli_session_setup_plaintext(cli, user, "", workgroup); - } /* if the server doesn't support encryption then we have to use plaintext. The second password is ignored */ - if ((cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) == 0) { + + if ((cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) == 0) return cli_session_setup_plaintext(cli, user, pass, workgroup); - } /* Indidicate signing */ - /* if the server supports extended security then use SPNEGO */ - if (cli->capabilities & CAP_EXTENDED_SECURITY) { + + if (cli->capabilities & CAP_EXTENDED_SECURITY) return cli_session_setup_spnego(cli, user, pass, workgroup); - } /* otherwise do a NT1 style session setup */ + return cli_session_setup_nt1(cli, user, pass, passlen, ntpass, ntpasslen, workgroup); @@ -808,15 +790,13 @@ BOOL cli_send_tconX(struct cli_state *cli, if (!cli_receive_smb(cli)) return False; - if (cli_is_error(cli)) { + if (cli_is_error(cli)) return False; - } clistr_pull(cli, cli->dev, smb_buf(cli->inbuf), sizeof(fstring), -1, STR_TERMINATE|STR_ASCII); - if (strcasecmp(share,"IPC$")==0) { + if (strcasecmp(share,"IPC$")==0) fstrcpy(cli->dev, "IPC"); - } if (cli->protocol >= PROTOCOL_NT1 && smb_buflen(cli->inbuf) == 3) { @@ -856,9 +836,8 @@ void cli_negprot_send(struct cli_state *cli) char *p; int numprots; - if (cli->protocol < PROTOCOL_NT1) { + if (cli->protocol < PROTOCOL_NT1) cli->use_spnego = False; - } memset(cli->outbuf,'\0',smb_size); @@ -897,9 +876,8 @@ BOOL cli_negprot(struct cli_state *cli) return False; } - if (cli->protocol < PROTOCOL_NT1) { + if (cli->protocol < PROTOCOL_NT1) cli->use_spnego = False; - } memset(cli->outbuf,'\0',smb_size); @@ -986,9 +964,8 @@ BOOL cli_negprot(struct cli_state *cli) cli->max_xmit = MIN(cli->max_xmit, CLI_BUFFER_SIZE); /* a way to force ascii SMB */ - if (getenv("CLI_FORCE_ASCII")) { + if (getenv("CLI_FORCE_ASCII")) cli->capabilities &= ~CAP_UNICODE; - } return True; } @@ -1018,7 +995,8 @@ BOOL cli_session_request(struct cli_state *cli, len += name_len(p); /* 445 doesn't have session request */ - if (cli->port == 445) return True; + if (cli->port == 445) + return True; if (cli->sign_info.use_smb_signing) { DEBUG(0, ("Cannot send session resquest again, particularly after setting up SMB Signing\n")); @@ -1132,7 +1110,8 @@ BOOL cli_connect(struct cli_state *cli, const char *host, struct in_addr *ip) cli->fd = open_socket_out(SOCK_STREAM, &cli->dest_ip, port, cli->timeout); } - if (cli->fd != -1) cli->port = port; + if (cli->fd != -1) + cli->port = port; } if (cli->fd == -1) { DEBUG(1,("Error connecting to %s (%s)\n", @@ -1207,11 +1186,10 @@ NTSTATUS cli_full_connection(struct cli_state **output_cli, return NT_STATUS_UNSUCCESSFUL; } - if (dest_ip) { + if (dest_ip) ip = *dest_ip; - } else { + else ZERO_STRUCT(ip); - } again: @@ -1239,11 +1217,10 @@ again: return NT_STATUS_UNSUCCESSFUL; } - if (flags & CLI_FULL_CONNECTION_DONT_SPNEGO) { + if (flags & CLI_FULL_CONNECTION_DONT_SPNEGO) cli->use_spnego = False; - } else if (flags & CLI_FULL_CONNECTION_USE_KERBEROS) { + else if (flags & CLI_FULL_CONNECTION_USE_KERBEROS) cli->use_kerberos = True; - } if (!cli_negprot(cli)) { DEBUG(1,("failed negprot\n")); diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index 560d391320..facf361a6b 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c @@ -32,49 +32,48 @@ int cli_set_port(struct cli_state *cli, int port) } /**************************************************************************** - read an smb from a fd ignoring all keepalive packets. Note that the buffer - *MUST* be of size BUFFER_SIZE+SAFETY_MARGIN. - The timeout is in milliseconds - - This is exactly the same as receive_smb except that it never returns - a session keepalive packet (just as receive_smb used to do). - receive_smb was changed to return keepalives as the oplock processing means this call - should never go into a blocking read. + Read an smb from a fd ignoring all keepalive packets. Note that the buffer + *MUST* be of size BUFFER_SIZE+SAFETY_MARGIN. + The timeout is in milliseconds + + This is exactly the same as receive_smb except that it never returns + a session keepalive packet (just as receive_smb used to do). + receive_smb was changed to return keepalives as the oplock processing means this call + should never go into a blocking read. ****************************************************************************/ static BOOL client_receive_smb(int fd,char *buffer, unsigned int timeout) { - BOOL ret; - - for(;;) - { - ret = receive_smb(fd, buffer, timeout); - - if (!ret) - { - DEBUG(10,("client_receive_smb failed\n")); - show_msg(buffer); - return ret; - } - - /* Ignore session keepalive packets. */ - if(CVAL(buffer,0) != SMBkeepalive) - break; - } - show_msg(buffer); - return ret; -} + BOOL ret; + + for(;;) { + ret = receive_smb(fd, buffer, timeout); + + if (!ret) { + DEBUG(10,("client_receive_smb failed\n")); + show_msg(buffer); + return ret; + } + /* Ignore session keepalive packets. */ + if(CVAL(buffer,0) != SMBkeepalive) + break; + } + show_msg(buffer); + return ret; +} /**************************************************************************** -recv an smb + Recv an smb. ****************************************************************************/ + BOOL cli_receive_smb(struct cli_state *cli) { BOOL ret; /* fd == -1 causes segfaults -- Tom (tom@ninja.nl) */ - if (cli->fd == -1) return False; + if (cli->fd == -1) + return False; again: ret = client_receive_smb(cli->fd,cli->inbuf,cli->timeout); @@ -151,15 +150,12 @@ void cli_setup_packet(struct cli_state *cli) uint16 flags2; SCVAL(cli->outbuf,smb_flg,0x8); flags2 = FLAGS2_LONG_PATH_COMPONENTS; - if (cli->capabilities & CAP_UNICODE) { + if (cli->capabilities & CAP_UNICODE) flags2 |= FLAGS2_UNICODE_STRINGS; - } - if (cli->capabilities & CAP_STATUS32) { + if (cli->capabilities & CAP_STATUS32) flags2 |= FLAGS2_32_BIT_ERROR_CODES; - } - if (cli->use_spnego) { + if (cli->use_spnego) flags2 |= FLAGS2_EXTENDED_SECURITY; - } if (cli->sign_info.use_smb_signing || cli->sign_info.temp_smb_signing) flags2 |= FLAGS2_SMB_SECURITY_SIGNATURES; @@ -168,18 +164,18 @@ void cli_setup_packet(struct cli_state *cli) } /**************************************************************************** -setup the bcc length of the packet from a pointer to the end of the data + Setup the bcc length of the packet from a pointer to the end of the data. ****************************************************************************/ + void cli_setup_bcc(struct cli_state *cli, void *p) { set_message_bcc(cli->outbuf, PTR_DIFF(p, smb_buf(cli->outbuf))); } - - /**************************************************************************** -initialise credentials of a client structure + Initialise credentials of a client structure. ****************************************************************************/ + void cli_init_creds(struct cli_state *cli, const struct ntuser_creds *usr) { /* copy_nt_creds(&cli->usr, usr); */ @@ -194,10 +190,10 @@ void cli_init_creds(struct cli_state *cli, const struct ntuser_creds *usr) cli->ntlmssp_flags,cli->ntlmssp_cli_flgs)); } - /**************************************************************************** -initialise a client structure + Initialise a client structure. ****************************************************************************/ + struct cli_state *cli_initialise(struct cli_state *cli) { BOOL alloced_cli = False; @@ -280,11 +276,11 @@ struct cli_state *cli_initialise(struct cli_state *cli) } /**************************************************************************** -shutdown a client structure + Close a client connection and free the memory without destroying cli itself. ****************************************************************************/ -void cli_shutdown(struct cli_state *cli) + +void cli_close_connection(struct cli_state *cli) { - BOOL allocated; SAFE_FREE(cli->outbuf); SAFE_FREE(cli->inbuf); @@ -295,25 +291,35 @@ void cli_shutdown(struct cli_state *cli) if (cli->fd != -1) close(cli->fd); - allocated = cli->allocated; +} + +/**************************************************************************** + Shutdown a client structure. +****************************************************************************/ + +void cli_shutdown(struct cli_state *cli) +{ + BOOL allocated = cli->allocated; + cli_close_connection(cli); ZERO_STRUCTP(cli); if (allocated) { free(cli); } } - /**************************************************************************** -set socket options on a open connection + Set socket options on a open connection. ****************************************************************************/ + void cli_sockopt(struct cli_state *cli, char *options) { set_socket_options(cli->fd, options); } /**************************************************************************** -set the PID to use for smb messages. Return the old pid. + Set the PID to use for smb messages. Return the old pid. ****************************************************************************/ + uint16 cli_setpid(struct cli_state *cli, uint16 pid) { uint16 ret = cli->pid; |